The Internet worldwide network enables many digital appliances to interconnect and exchange information. A particular use of the Internet is to distribute digital files, specifically digital content such as digital books or music files, to the connected appliances.
The proliferation and distribution of digital music files is substantial. Various devices, programs and methods to listen to digital music are available, and an increasing number of music title exists in digital form. Unfortunately there exists a substantial amount of illegal copies of digital music files, such that the rights of the owner of the music cannot be exercised with respect to the illegal copies.
Digital books are substantially less popular and common than music. One of the reasons for the difference between the proliferation of music in digital form and books in digital form is the caution felt by book content rights owners against potential copyright infringement, a lesson learned from the experience of the music industry. Concerns about losing control over the management of rights prevents the usage of the Internet as a powerful digital content distribution infrastructure.
Digital rights management (DRM) systems are developed to challenge the above difficulties. Part of the function of a typical DRM system is to define the form of “rights-protected files”—methods that enable the use of digital files under limitations defined by the owner of the rights to the content. These systems typically involve cryptographic methods for the secure distribution of the content between a content repository or server and a digital appliance. Such methods typically require the appliance to include an implementation of cryptographic algorithms and hold cryptographic keys in order to gain access to the content. The access to the content is performed through a program that is DRM sensitive and is hereafter called—an electronic book reader.
Examples of electronic book reading software are the Adobe Acrobat, Adobe eBook Reader (http://www.adobe.com) and the Microsoft eBook Reader (http://www.microsoft.com/reader). Such software implements some form of DRM that is engaged when the users attempts to open and view a digital document. One of the operations performed by such electronic book readers is the process of decrypting the document using cryptographic methods and cryptographic keys. In order to do so, the reader program must have access to the cryptographic methods and keys; therefore the cryptographic methods and keys must reside within the access of the reader program. Typically the cryptographic methods, the keys, or both reside within the reader program, on the document itself, or somewhere within the appliance storage.
A digital appliance such as a computer is typically an open platform enabling computer programmers to develop programs. In some cases, software programs are developed for the purpose of hacking and locating the cryptographic keys and algorithms of a DRM system (hereafter referred to as hacking programs), in order to circumvent the DRM and gain illegal access to the content. This process is generally called an “attack” and if it succeeds it is commonly referred to as to “crack” the DRM system. A computer program that performs this function is referred hereafter as a hacking program.
Examples for such successful attacks are well known in the art. In late 2001, a programmer was able to crack the Microsoft eBook reader and locate the cryptographic methods and keys, producing a program that inputs an encrypted eBook file and outputs an illegal electronic book that is not protected (http://www.technologyreview.com/articles/innovation11101.asp). A similar cracking event of the Adobe system took place earlier that year (http://www.wired.com/news/politics/0,1283,45298,00.html).
Other forms of attacks include using programming tools. For example, software debuggers track and trap the electronic book information after the electronic book reader has decrypted it, retrieving the “protected” information. Such information includes the book text, images and attributes such as fonts, text color, and image locations, etc., which instruct the electronic book reader on how it should reconstruct the book for presentation to the user. A hacking program that cracks the reader and releases this information from the DRM system enables the construction of illegal copies of the original electronic book.
As a countermeasure, DRM systems have used more sophisticated cryptographic schemes and code obfuscation techniques. Other methods include adding tamper resistant hardware to store the cryptographic keys. Examples of such methods are cryptographic tokens such as iToken of Rainbow Technologies Inc. (http://www.rainbow.com/ikey/index.html) and using a smart card to store cryptographic keys and optionally cryptographic algorithms. Such solutions either reveal the cryptographic key to the digital appliance in the process of decrypting the information, or internally perform the cryptographic functions but reveal the end result in a raw form that can be hacked. In practice these methods were proven to slow, but not halt, an adversary. Given enough time and effort a computer program that “cracks” the DRM system may be written. It can be appreciated by those skilled in the art that such successful attacks may occur to such program readers that execute in an open environment that enables programmers to develop software programs. Similarly, cryptographic co-processors leave the content vulnerable after decryption.
Several ongoing initiatives focus on securing the personal computer itself. As result, a major effort is being taken by the industry, led by companies such as Microsoft to protect some part of a personal computer by transforming that part into a closed system.(http://www.microsoft.com/presspass/features/2002/jul02/0724palladiumwp.asp). This initiative may produce a personal computer that is less sensitive to viruses, can be identified by service providers over the network, and can be used to build a DRM system. Microsoft's Palladium defines how to make the operating system of the personal computer secure. Once the operating system is secure, the PC is considered trusted and it can be used for purposes such as DRM. The Wave Embassy verification system secures an appliance. Unfortunately these initiatives will be realized only in future digital appliances, which must incorporate technology specific to Palladium and Wave Embassy for securing the personal computer itself.
There is clearly an unmet need for a system, method and device for securing digital documents in a digital appliance.